Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133362e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232322e3133362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ExUITnU8RyFl2XBGBqahvCG2Co/gIsL3nBVcdYfOSjU=
Subject key identifier: 86:1A:D2:C7:7D:D3:B9:F4:2A:48:DC:90:98:8B:64:4C:9F:FF:32:03
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2F79B25733253BD7B72CB5AFF5B39914957EB336
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133362e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 28 Sep 2025 20:47:43 +0000
ROA not before: Sun 28 Sep 2025 20:42:43 +0000
ROA not after: Sun 27 Sep 2026 20:47:43 +0000
asID: 136787
IP address blocks: 185.222.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 17:43:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:79:b2:57:33:25:3b:d7:b7:2c:b5:af:f5:b3:99:14:95:7e:b3:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 28 20:42:43 2025 GMT
Not After : Sep 27 20:47:43 2026 GMT
Subject: CN=861AD2C77DD3B9F42A48DC90988B644C9FFF3203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f0:ba:3a:8a:61:0a:de:82:0f:cf:5e:53:15:
51:d5:84:f6:41:7f:37:09:ee:2d:d1:ec:cc:d7:8c:
aa:ee:93:f3:1d:48:23:93:4e:cf:4c:7f:15:06:e0:
cf:92:51:cf:0f:01:73:30:68:b4:a7:26:cb:15:ef:
45:83:97:03:b8:9d:fb:8d:52:b5:1f:f2:a5:32:93:
c9:83:da:7a:75:1d:bd:f1:cc:bc:ac:a9:83:77:a7:
60:26:0c:4c:12:13:b6:90:c2:66:26:c2:75:ed:c2:
80:f1:44:02:2c:06:8d:ed:1f:c9:c3:86:0a:a6:2e:
cd:ed:8a:03:55:7d:72:d6:d9:92:0c:33:b3:f8:9a:
e6:4c:c0:0f:56:63:e5:9a:d5:69:5f:6f:97:ea:e4:
b5:3e:b3:3e:7c:48:71:0c:8d:b7:63:20:92:5f:c6:
8c:c8:3f:5e:49:47:8c:73:da:74:b7:d6:e2:53:5f:
cc:2e:12:a3:fe:2b:5e:92:2b:ee:13:00:d0:be:d5:
17:bb:b7:6e:3a:a7:22:0b:12:59:84:58:b4:2d:8e:
9a:ba:ea:68:f4:77:d0:79:52:4f:2e:a7:fd:b6:3d:
e1:2d:ed:98:21:09:e4:bf:a4:49:94:b3:d6:d2:92:
62:a9:60:85:d7:5e:01:8f:ee:e8:b0:2a:4b:d1:d3:
6a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:1A:D2:C7:7D:D3:B9:F4:2A:48:DC:90:98:8B:64:4C:9F:FF:32:03
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.136.0/24
Signature Algorithm: sha256WithRSAEncryption
21:7b:2f:f0:32:a1:b0:aa:aa:57:59:65:a4:9c:cd:82:e6:ff:
ec:c9:f8:08:a0:61:1e:e5:5c:4e:fc:20:36:7d:d3:aa:11:97:
8f:d1:32:17:82:f1:3a:82:5d:84:eb:c0:33:26:2f:2c:07:5c:
32:b7:eb:2f:12:ab:78:6b:ee:3b:74:16:87:cf:a9:84:76:ff:
99:55:7e:62:61:0b:42:86:74:80:d8:77:90:75:d1:97:36:8f:
f0:5c:6a:e9:44:ae:d1:32:ed:52:c8:a3:c5:d7:a7:98:aa:a2:
0e:40:91:58:7d:1c:5d:58:52:49:8c:3f:e7:fd:30:8a:8e:a2:
fc:89:12:09:ea:7b:30:09:03:ae:62:b7:51:39:4e:51:82:4d:
92:ab:26:98:f0:7f:9f:6f:9d:04:bc:86:5c:85:61:ec:e7:fb:
f9:78:69:4d:c2:70:67:c3:4c:61:07:7e:b9:48:2c:db:a6:61:
dd:4a:6f:0e:8a:1d:1e:2d:91:7d:55:6e:11:73:79:18:37:09:
f7:45:dd:73:52:9c:d3:a0:42:68:3b:08:bb:af:16:bb:40:9d:
03:bc:db:f7:d2:f9:49:1e:f5:8a:c2:fb:61:31:1d:0c:19:7f:
c2:59:cd:d5:83:b6:42:08:53:da:7f:97:43:64:c6:2e:20:05:
f2:98:70:57
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUL3myVzMlO9e3LLWv9bOZFJV+szYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MjgyMDQyNDNaFw0yNjA5MjcyMDQ3NDNaMDMxMTAvBgNV
BAMTKDg2MUFEMkM3N0REM0I5RjQyQTQ4REM5MDk4OEI2NDRDOUZGRjMyMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC98Lo6imEK3oIPz15TFVHVhPZB
fzcJ7i3R7MzXjKruk/MdSCOTTs9MfxUG4M+SUc8PAXMwaLSnJssV70WDlwO4nfuN
UrUf8qUyk8mD2np1Hb3xzLysqYN3p2AmDEwSE7aQwmYmwnXtwoDxRAIsBo3tH8nD
hgqmLs3tigNVfXLW2ZIMM7P4muZMwA9WY+Wa1Wlfb5fq5LU+sz58SHEMjbdjIJJf
xozIP15JR4xz2nS31uJTX8wuEqP+K16SK+4TANC+1Re7t246pyILElmEWLQtjpq6
6mj0d9B5Uk8up/22PeEt7ZghCeS/pEmUs9bSkmKpYIXXXgGP7uiwKkvR02pnAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUhhrSx33TufQqSNyQmItkTJ//MgMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzIyZTMx
MzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALneiDANBgkqhkiG9w0BAQsFAAOCAQEAIXsv8DKhsKqqV1llpJzNgub/7Mn4
CKBhHuVcTvwgNn3TqhGXj9EyF4LxOoJdhOvAMyYvLAdcMrfrLxKreGvuO3QWh8+p
hHb/mVV+YmELQoZ0gNh3kHXRlzaP8Fxq6USu0TLtUsijxdenmKqiDkCRWH0cXVhS
SYw/5/0wio6i/IkSCep7MAkDrmK3UTlOUYJNkqsmmPB/n2+dBLyGXIVh7Of7+Xhp
TcJwZ8NMYQd+uUgs26Zh3UpvDoodHi2RfVVuEXN5GDcJ90Xdc1Kc06BCaDsIu68W
u0CdA7zb99L5SR71isL7YTEdDBl/wlnN1YO2QghT2n+XQ2TGLiAF8phwVw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:05:46 2025 by rpki-client